JP2010199852A - Broadcast receiving method and broadcast receiver - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology for finding out illegally-used IC cards. <P>SOLUTION: A broadcast receiver includes: a receiving part for receiving a digital broadcast signal transmitted after encryption; a descrambling part for descrambling the digital broadcast signal transmitted after encryption; and an IC card 26 for providing a scrambling key to the descrambling part. The IC card 26 includes a command executing means that replaces a portion of the scrambling key with its own ID on the basis of a command for outputting information to specify an ID included in an ECM (Entitlement Control Message), to the descrambling part. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a broadcast receiving apparatus, and more particularly to a method for receiving an ECM (Entitlement Control Message: program information common to the receiver side) in a limited reception system.

  For limited reception, a method of using an IC card for viewing contract management is widely used. In general, an IC card has an EMM (Entitlement Management Message: individual information on the receiver side) that provides information related to a contract, and key information (hereinafter referred to as “descrambled”) for an encrypted (scrambled) program. An ECM providing a scramble key) is provided, and only an IC card to which information indicating that there is a contract is provided by the EMM can extract key information for descrambling a program included in the ECM.

  In relation to the technique described in Patent Document 1, as an overview, in order to prevent unauthorized reception of pay broadcasts, the contents of the master key Kmi are illegally decrypted and the work key Kw or the scramble key is illegally used. The broadcast station encrypts and transmits a scramble key using a master key as an encryption key. However, although the master key is changed periodically, it is necessary to purchase a new IC card at the time of this change. For this reason, the master key is changed when unauthorized reception is considerably expanded, and as a general rule, the master key cannot be changed frequently.

  On the other hand, there is known a method of sharing illegally viewing IC cards for managing viewing contracts by sharing a plurality of receivers as card sharing. In this method, a scramble key output from an IC card is shared by a plurality of receivers via a network or the like, and an unauthorized receiver without a large number of IC cards connected to the network can view the program. There was a problem.

Japanese Patent Laid-Open No. 7-154770

  An object of this invention is to provide the technique for specifying the IC card used illegally. Furthermore, it aims at providing the technique used as a deterrent to a fraudulent person's fraudulent act.

  In order to solve the above-described problem, a broadcast receiving apparatus of the present invention includes a receiving unit that receives an encrypted digital broadcast signal and a descrambling device that descrambles the encrypted digital broadcast signal. And an IC card that provides a scramble key to the descrambling unit, and the IC card provides an instruction to output information for specifying an ID included in an ECM (Entitlement Control Message) to the descrambling unit. And an instruction execution means for replacing a part of the scramble key with information for specifying its own ID.

  According to the present invention, a technique for specifying an IC card that is illegally used can be obtained.

The block block diagram of the example of the broadcast system regarding this invention, and the receiver 2 which is one Embodiment. The figure which shows the section structure of EMM which the embodiment utilizes. The figure which shows the section structure of ECM which the embodiment uses. The figure which shows the ECM reception command and response which are used for the embodiment. The flowchart which shows the operation example of the principal part of the embodiment. The block block diagram used for the other form.

Embodiments of the present invention will be described below.
(Embodiment 1)
A first embodiment of the present invention will be described with reference to FIGS.
First, in FIG. 1 which is a form of a single device, it is shown that a flow relating to a scramble key change in FIG. 5 described later operates normally, and later, the effectiveness of this embodiment will be described in the form of FIG. FIG. 1 shows an example of a broadcasting system according to the present invention and a block diagram of a receiver 2 according to an embodiment.

  As shown in FIG. 1, a broadcast station 1 scrambles (encrypts) a broadcast program signal with a scrambler 14 and broadcasts it so that only a receiver holding an IC card can view it. At that time, program information (hereinafter referred to as ECM) including the scramble key Ks used when the program is scrambled (encrypted) is generated by the ECM generator 15 and multiplexed and broadcasted by the multiplexer 17. The ECM is encrypted to prevent fraud, and the key used for encryption is called a work key Kw. On the other hand, for the receiver, individual information (hereinafter referred to as EMM) including the work key Kw used for decrypting the ECM is generated by the EMM generation unit 16 and multiplexed by the multiplexing unit 17 to be broadcast It is like that. This EMM is also encrypted with the master key Kmi so as not to be fraudulent. The master key Kmi used for encryption is a different key for each IC card, and is a key stored in the IC card 26 used in the receiver 2 described below and shared with the broadcasting station 1. An ID that is paired with the master key Kmi and is different for each IC card is also stored in the IC card 26 and shared with the broadcasting station 1. This ID is information written (set) in the ID holding unit 25 at a timing such as when the receiver is turned on or an IC card is inserted.

  The receiver 2 demultiplexes the EMM contained in the demultiplexer 23 after tuning the radio wave transmitted from the broadcasting station via the transmission antenna 18, the satellite 3, and the reception antenna 21 by the tuner 22. Further, only the EMM having the same ID is separated from the EMM output from the demultiplexer 23 by the demultiplexer 24, and after decryption by the decryption circuit 262 in the IC card 26, it is stored in the EMM memory 264 for viewing. Is used to determine whether or not to view the desired program with the ECM. On the other hand, the ECM is also separated by the demultiplexer 23 and further decrypted by the decryption circuit 261 in the IC card 26. As a result of the viewing determination using these ECM and EMM, when it is determined that the program can be viewed, a scramble key for descrambling (decoding) the program is taken out from the ECM and given to the descrambler 27. The program is descrambled so that the user can watch the program. The output of the descrambler 27 is guided to the MPEG decoder 29, and the output of the MPEG decoder 29 is a TV signal supplied to a display and a speaker (not shown). The control unit 47 performs control that controls the operation of each unit.

  FIG. 2 is a diagram illustrating a section configuration of the EMM used in the embodiment. Of the EMM main body included in the EMM section, the variable part of the EMM main body includes a 16-byte work key Kw (not shown). The fixed part has a 6-byte ID.

  FIG. 3 shows the ECM section configuration. Each ECM fixed part has an 8-byte scramble key (Odd) and a scramble key (Even). The reason why there are two types of scramble key (Odd) and scramble key (Even) is as follows.

In general, a conditional access system using an IC card switches the scramble key in a short time (several seconds) in order to improve safety.
In this case, in order to switch while continuing the scramble, while using the current scramble key (for example, the scramble key (Odd)), the receiver can acquire the next scramble key (for example, the scramble key (Even)) in advance. Sends ECM including different types of scramble keys, IC card outputs two types of scramble keys, and receiver can set current scramble key to descrambler and preset next scramble key to descrambler .

  Now, in the arib STD B-25, the command / response format between the IC card and the digital receiver is defined as shown in FIG. As an outline of the function of the ECM reception command, there is a case where ECM data is transferred and Ks is obtained. 4A shows an ECM reception command, and FIG. 4B shows an ECM reception response.

  According to the present invention, at the timing of specifying an IC card that has been illegally used, the broadcast station outputs an instruction for specifying the ID of the IC card instead of outputting the scramble key (hereinafter, card specification). Information output instruction) is stored in the ECM. For example, it is preferable that the output is stored in the variable part of the ECM main body as a binary expression of ON / OFF of the output.

FIG. 5 is a flowchart illustrating an operation example at the time of ECM reception according to the embodiment. The processing of this flow is executed by the IC card.
First, in step S10, normal ECM processing is performed. Next, in step S20, the presence / absence of a card specific information output instruction is determined. If it is determined that there is an instruction (Yes in step S20), an ID is assigned to, for example, 6 bytes of the scramble key Ks (odd) in the next step S30. Put in. If it is determined in step S20 that there is no instruction (No in step S20), the scramble key is output as usual and the process is terminated.

  In response to the card specification information output instruction, the IC card 26 outputs information for specifying the ID of the IC card 26 (for example, ID (6 bytes) in Ks (odd)) instead of outputting the scramble key. To 27. However, in this case, since all receivers cannot be descrambled at the timing when the scramble key replaced with the information for specifying the ID is used, the broadcasting station specifies the ID of the IC card 26. After the information for output is output to the descrambler 27, the next scramble key update period (several seconds) is made non-scrambled. The receiver can determine whether the receiver is scrambled or non-scrambled by referring to the scramble flag of the TS packet (see arib STD B-25, Section 4.8 Judgment of scramble).

  FIG. 6 is a block diagram of a so-called modification of the receiver 2 according to the embodiment. The receiver has two parts: a receiver (receiver) 2a mainly for viewing and a descramble receiver (descrambler) 5 that functions as a distribution server for the scramble key Ks to a plurality of receivers 2a. 6 (for example, the Internet).

  The present invention is for specifying the IC card used in the descrambling receiver 5 that illegally distributes the scramble key to the plurality of receivers 2a in this way.

  As in FIG. 1, the broadcast station scrambles (encrypts) the broadcast program signal so that only the receiver holding the IC card can view it. At that time, the program information (hereinafter referred to as ECM) including the scramble key Ks used when the program is scrambled (encrypted) is generated, multiplexed and broadcast on the program, and the ECM is encrypted so as not to be illegal. The key used for encryption is called a work key Kw. On the other hand, individual information (hereinafter referred to as EMM) including a work key Kw used for decrypting the ECM is generated for the receiver, and is multiplexed and broadcast on the broadcast signal. This EMM is also encrypted with the master key Kmi so as not to be fraudulent. The master key Kmi used for encryption is a different key for each IC card, and is a key stored in the IC card 26 used in the descrambling receiver 5 described below and shared with the broadcast station 1. is there. An ID that is paired with the master key Kmi and is different for each IC card is also stored in the IC card 26 and shared with the broadcasting station 1. This ID is information written (set) in the ID holding unit 25 at timing such as when the receiver is turned on or when the IC card 26 is inserted.

  The receiver 5 demultiplexes the EMM included in the demultiplexer 23 after selecting the radio wave transmitted from the broadcasting station via the transmission antenna 18, the satellite 3, and the reception antenna 21 by the tuner 22. Further, only the EMM having the same ID is separated from the EMM output from the demultiplexer 23 by the demultiplexer 24, and after decryption by the decryption circuit 262 in the IC card 26, it is stored in the EMM memory 264 for viewing. Is used to determine whether or not to view the desired program with the ECM. On the other hand, the ECM is also separated by the demultiplexer 23 and further decrypted by the decryption circuit 261 in the IC card 26. As a result of viewing determination using these ECM and EMM, when it is determined that viewing is possible, a scramble key for descrambling (decoding) a program is extracted from the ECM.

On the other hand, the receiver 2a is configured so that the scramble key received from the receiver 5 connected via the network 6 is given to the descrambler 27, the program is descrambled by the descrambler 27, and the user can view the program. The output of the descrambler 27 is guided to the MPEG decoder 29, and the output of the MPEG decoder 29 is a TV signal supplied to a display and a speaker (not shown). Note that channel selection information is input from the receiver 2a to the receiver 5, but this information is necessary when the receiver 5 uses a plurality of IC cards 26 and can distribute scramble keys of a plurality of stations. .

  When the broadcast station obtains information that the network 6 in which the descrambling receiver 5 that illegally distributes the scramble key to the plurality of receivers 2a is present, the broadcast station flows to the network 6 in FIG. Monitor the signal. It is assumed that the investigator is also connected to the network 6 in FIG. 6 using one receiver 2a for monitoring. If a contract or the like is necessary for the receiver 2a for monitoring to participate in the network 6 at this time, it participates in the network 6 in advance by concluding a contract. Then, as described with reference to FIG. 5, the descrambling that illegally distributes the scramble key to the plurality of receivers 2a by outputting the information for specifying the ID of the IC card 26 to the network 6 (descrambler 27). The IC card used in the receiver 5 is specified.

  The work key is changed when an illegally used IC card can be identified, but this identification is performed by subsequently stopping the transmission of the EMM including the valid work key Kw for the identified IC card. With such an IC card, the scramble key cannot be obtained, that is, it can be invalidated, and unauthorized use of distributing the scramble key to the plurality of receivers 2a can be prevented.

The outline of the present embodiment is summarized as follows.
(1) Instead of outputting a scramble key at the timing of specifying an illegally used IC card, an instruction to output information for specifying an IC card ID or the like (card specific information output instruction) is entered in the ECM. Prepare.

(2) The IC card that has received the card specification information output instruction outputs information for specifying the IC card ID and the like instead of outputting the scramble key. However, in this case, since all receivers cannot be descrambled at the timing of using the scramble key, at least a period (about several seconds) in which the scramble key is used is non-scrambled.

(3) By doing so, it is possible to specify the ID of an IC card that has been used illegally without affecting the legitimate recipient.
(4) Since the card specific information output instruction is concealed in the ECM, an unauthorized person cannot be found, and the information for specifying the IC card ID or the like is the key for switching while continuing to scramble. Therefore, it is possible to identify an IC card that has been used illegally.

(Embodiment 2)
A second embodiment according to the present invention will be described. Description of the parts common to the first embodiment is omitted.
The information for specifying the ID of the IC card includes a risk for an investigator who can find an unauthorized person by comparing a plurality of IC card outputs. That is, in the proposed method, information for specifying the ID of the IC card is output instead of the scramble key in response to the card specifying information output instruction, and an unauthorized person uses a plurality of IC cards, and both scramble keys are used. If the scramble key does not match, it is determined that the information for specifying the ID of the IC card is included in the scramble key, and the output of the scramble key to the network 6 (descrambler 27) is stopped. (Risk for the investigator).

  Even in this case, the proposed method cannot cope unless an unauthorized person uses a plurality of IC cards, and the burden on the unauthorized person is increased as compared with the case where the proposed method is not used. There is no change.

  In the second embodiment, in order to deal with this risk, as shown in the first embodiment, the information for specifying the ID of the IC card is not the ID itself as shown in the first embodiment. Enable instructions to only some cards, such as cards only. For example, when it is assumed that an unauthorized person uses two cards and determines whether or not to output a scramble key to the network 6 (descrambler 27) by the determination of coincidence / mismatch, the scramble key is transferred to the network 6 (descrambler). 27), if it is not output, it can be seen that the unauthorized person has a card whose ID is decimal and the last digit is 1. If it is output, the card ID is decimal and last digit. You can see that you do not have a card with a numeric value of 1. In this case, a plurality of trials are necessary to specify.

  In addition to the ID output ON / OFF instruction (card specific information output instruction) for all the cards described in the first embodiment, the ID output ON / OFF instruction (card specific information) for the card with the specific ID is thus provided. The output instruction) is preferably stored in the variable part of the ECM main body. Various ways of narrowing down can be set. For example, for the above ID (14 decimal digits), 1 to 10000, and in the next instruction, the range of 10001 to 20000 values (range can be specified in 1 ID unit), even only / odd only, decimal Only cards with a digit value of 1, etc.

(Embodiment 3)
When the number of cards owned by unauthorized persons is three or more, the criteria for determining whether or not to output a scramble key to the network 6 (descrambler 27) may change depending on the determination of coincidence / mismatch. That is, for example, in the case of three cards, a plurality of scramble keys are sequentially compared, and when two or more keys match, it is determined that the scramble key is genuine, and the scramble key is output to the network 6 (descrambler 27). It is possible to do.

  Note that the method of the second embodiment has a certain deterrent effect because it cannot be handled unless the unauthorized person further uses a plurality of IC cards, and the burden on the unauthorized person is increased as compared with the case where the present proposal is not used. There is no change.

In the third embodiment, in order to deal with this risk, not only an ID output ON / OFF instruction (card specific information output instruction) directed to a card with a specific ID but also only a part of ID information is stored in the scramble key. Instead it outputs. That is, for example, among the 8 bytes (64 bits) of the scramble key, the LSB1 bit is targeted, and the LSB1 bit of the ID is output instead of the scramble key LSB1 bit. By doing this, it is determined whether the LSB1 bit to be investigated is even or odd. In this way, for example, when there are three cards, if two or more cards are even, it is found that the LSB1 bit of the ID is even. In this way, since the ID is 6 bytes (48 bits) in sequence, such as the next bit, if it is repeated 48 times, the value used for each bit may be found. However, the ID that combines all the found bits is not necessarily the ID of the illegal card. That is, it is only known that each of the check bits is used for any one of the cards having a plurality of check bits, and it is not always possible to check all the information of a specific card.

However, as a method of designating only partial information of the ID, not only one specific bit but also 2 bits to a maximum of 48 bits can be selected, and the possibility of specifying the ID of the IC card is expanded by investigating. Further, by combining various conditions of the method of the second embodiment and the method of the third embodiment, the possibility of specifying the ID of the IC card is expanded.

  Note that the method of the third embodiment cannot cope unless an unauthorized person further uses a plurality of IC cards, and the burden on the unauthorized person is increased as compared with the case where the present proposal is not used. There is no change.

  The purpose of the present embodiment as described above is a limited reception system and apparatus (IC card, reception) having means for finding out which IC card is illegally used when the existence of card sharing becomes clear. Machine). In addition, even when an unauthorized person tries to find out whether an IC card is illegally used by using a plurality of cards or the like, a conditional access system and device that provides a certain deterrent effect by increasing the burden of the unauthorized person (IC card, receiver).

  As an outline, in a conditional access apparatus using an IC card, in order to prevent unauthorized use due to card sharing, an instruction to output a signal for personal identification such as an ID is given to the IC card at the switching timing of the scramble key.

In addition, this invention is not limited to the said embodiment, In the range which does not deviate from the summary, it can implement in various modifications.
Various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the above-described embodiments. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, constituent elements according to different embodiments may be appropriately combined.

  2 ... receiver, 4 ... remote control, 21 ... receiving antenna, 22 ... tuner, 23 ... demultiplexer, 24 ... separation unit, 25 ... ID holding unit, 26 ... IC card, 27 ... descrambler, 29 ... MPEG decoder, 47 ... control unit.

Claims (5)

A receiving unit that receives an encrypted digital broadcast signal and outputs a video signal;
A descrambling unit for descrambling the encrypted digital broadcast signal transmitted;
An IC card for providing a scramble key to the descramble unit,
The IC card includes instruction means for replacing a part of the scramble key with its own ID based on an instruction to output information for specifying an ID included in an ECM (Entitlement Control Message) to the descramble unit. A broadcast receiver characterized by that.   The broadcast receiving apparatus according to claim 1, wherein the instruction is included in a variable part of an ECM main body.   The broadcast receiving apparatus according to claim 1, wherein the instruction is valid exclusively for an IC card having a part of IDs.   The receiving unit receives information for specifying the ID, receives a non-scrambled digital broadcast signal received during a period during which the scramble key is next updated, and outputs a video signal. The broadcast receiving apparatus according to claim 1. A broadcast receiving method in a broadcast receiving apparatus for receiving a digital broadcast signal transmitted after being encrypted,
Receiving an ECM (Entitlement Control Message) including an instruction to output information for specifying an ID of an IC card for managing a viewing contract held in the broadcast receiving apparatus for each predetermined observation period;
A broadcast receiving method comprising: a step of giving the instruction to the reception unit by the instruction means.

Images